添加网络组件

安装和配置控制器节点

创建数据库

mysql -uroot -ptoyo123

CREATE DATABASE neutron;

GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' \

  IDENTIFIED BY 'toyo123';

GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' \

  IDENTIFIED BY 'toyo123';

exit

创建服务凭据

source admin-openrc.sh

keystone user-create --name neutron --pass Abcd1234

keystone user-role-add --user neutron --tenant service --role admin

keystone service-create --name neutron --type network \

  --description "OpenStack Networking"

keystone endpoint-create \

  --service-id $(keystone service-list | awk '/ network / {print $2}') \

  --publicurl http://controller:9696 \

  --adminurl http://controller:9696 \

  --internalurl http://controller:9696 \

  --region regionOne

安装网络组件

yum install -y openstack-neutron openstack-neutron-ml2 python-neutronclient which

查询service
id下面编辑配置文件会用到

source admin-openrc.sh

keystone tenant-get service

编辑/etc/neutron/neutron.conf文件

mv /etc/neutron/neutron.conf /etc/neutron/neutron.conf_bak

vim /etc/neutron/neutron.conf

[database]

connection = mysql://neutron:toyo123@controller/neutron

[DEFAULT]

rpc_backend = rabbit

rabbit_host = controller

rabbit_password = Abcd1234

auth_strategy = keystone

core_plugin = ml2

service_plugins = router

allow_overlapping_ips = True

notify_nova_on_port_status_changes = True

notify_nova_on_port_data_changes = True

nova_url = http://controller:8774/v2

nova_admin_auth_url = http://controller:35357/v2.0

nova_region_name = regionOne

nova_admin_username = nova

nova_admin_tenant_id = 89bc1f42c0194ef4b1ff2dfea07caf2f

nova_admin_password = Abcd1234

verbose = True

[keystone_authtoken]

auth_uri = http://controller:5000/v2.0

identity_uri = http://controller:35357

admin_tenant_name = service

admin_user = neutron

admin_password = Abcd1234

[neutron]

url = http://controller:9696

auth_strategy = keystone

admin_auth_url = http://controller:35357/v2.0

admin_tenant_name = service

admin_username = neutron

admin_password = Abcd1234

编辑 /etc/neutron/plugins/ml2/ml2_conf.ini文件

mv /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini_bak

vim /etc/neutron/plugins/ml2/ml2_conf.ini

[ml2]

type_drivers = flat,gre

tenant_network_types = gre

mechanism_drivers = openvswitch

[ml2_type_gre]

tunnel_id_ranges = :

[securitygroup]

enable_security_group = True

enable_ipset = True

firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

编辑/etc/nova/nova.conf

vim /etc/nova/nova.conf

[DEFAULT]

network_api_class = nova.network.neutronv2.api.API

security_group_api = neutron

linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver

firewall_driver = nova.virt.firewall.NoopFirewallDriver

[neutron]

url = http://controller:9696

auth_strategy = keystone

admin_auth_url = http://controller:35357/v2.0

admin_tenant_name = service

admin_username = neutron

admin_password = Abcd1234

完成安装

ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \

  --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade juno" neutron

systemctl restart openstack-nova-api.service openstack-nova-scheduler.service \

  openstack-nova-conductor.service

systemctl enable neutron-server.service

systemctl restart neutron-server.service

验证

source admin-openrc.sh

neutron ext-list

安装和配置网络节点

配置内核网络参数

vim /etc/sysctl.conf

net.ipv4.ip_forward=

net.ipv4.conf.all.rp_filter=

net.ipv4.conf.default.rp_filter=

sysctl -p

安装网络组件

yum install -y openstack-neutron openstack-neutron-ml2 openstack-neutron-openvswitch

编辑/etc/neutron/neutron.conf

mv /etc/neutron/neutron.conf /etc/neutron/neutron.conf_bak

vim /etc/neutron/neutron.conf

[DEFAULT]

rpc_backend = rabbit

rabbit_host = controller

rabbit_password = Abcd1234

auth_strategy = keystone

core_plugin = ml2

service_plugins = router

allow_overlapping_ips = True

verbose = True

[keystone_authtoken]

auth_uri = http://controller:5000/v2.0

identity_uri = http://controller:35357

admin_tenant_name = service

admin_user = neutron

admin_password = Abcd1234

编辑 /etc/neutron/plugins/ml2/ml2_conf.ini

mv /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini_bak

vim /etc/neutron/plugins/ml2/ml2_conf.ini

[ml2]

type_drivers = flat,gre

tenant_network_types = gre

mechanism_drivers = openvswitch

[ml2_type_flat]

flat_networks = external

[ml2_type_gre]

tunnel_id_ranges = :

[securitygroup]

enable_security_group = True

enable_ipset = True

firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

[ovs]

local_ip = 192.168.116.8

enable_tunneling = True

bridge_mappings = external:br-ex

[agent]

tunnel_types = gre

编辑/etc/neutron/l3_agent.ini

mv  /etc/neutron/l3_agent.ini  /etc/neutron/l3_agent.ini_bak

vim /etc/neutron/l3_agent.ini

[DEFAULT]

interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver

use_namespaces = True

external_network_bridge = br-ex

router_delete_namespaces = True

verbose = True

编辑/etc/neutron/dhcp_agent.ini

mv  /etc/neutron/dhcp_agent.ini  /etc/neutron/dhcp_agent.ini_bak

vim /etc/neutron/dhcp_agent.ini

[DEFAULT]

interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver

dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq

use_namespaces = True

dhcp_delete_namespaces = True

verbose = True

dnsmasq_config_file = /etc/neutron/dnsmasq-neutron.conf

创建/etc/neutron/dnsmasq-neutron.conf并关掉dnsmasq进程

vim /etc/neutron/dnsmasq-neutron.conf

dhcp-option-force=,

pkill dnsmasq

编辑/etc/neutron/metadata_agent.ini

mv /etc/neutron/metadata_agent.ini /etc/neutron/metadata_agent.ini_bak

vim /etc/neutron/metadata_agent.ini

[DEFAULT]

auth_url = http://controller:5000/v2.0

auth_region = regionOne

admin_tenant_name = service

admin_user = neutron

admin_password = Abcd1234

nova_metadata_ip = controller

metadata_proxy_shared_secret = METADATA_SECRET

verbose = True

编辑/etc/nova/nova.conf

mv /etc/nova/nova.conf /etc/nova/nova.conf_bak

vim /etc/nova/nova.conf

[neutron]

service_metadata_proxy = True

metadata_proxy_shared_secret = Abcd1234

重启nova-api服务
systemctl restart openstack-nova-api.service

 

配置开放的vSwitch(OVS)服务

systemctl enable openvswitch.service

systemctl start openvswitch.service

ovs-vsctl del-br br-ex && ovs-vsctl add-br br-ex && ovs-vsctl add-port br-ex eth0 && reboot

  

创建ifcfg-br-ex

vim /etc/sysconfig/network-scripts/ifcfg-br-ex

DEVICE=br-ex

DEVICETYPE=ovs

TYPE=OVSBridge

ONBOOT=yes

OVSBOOTPROTO=none

IPADDR=192.168.116.8

PREFIX=24

DEFROUTE=yes

GATEWAY=192.168.116.1

DNS1="114.114.114.114"

编辑/etc/sysconfig/network-scripts/ifcfg-eth0

vim /etc/sysconfig/network-scripts/ifcfg-eth0

TYPE="Ethernet"

BOOTPROTO="none"

DEFROUTE="yes"

NAME="eth0"

UUID="0e9ff19f-53db-4e78-ab16-a271ff92bd2b"

DEVICE="eth0"

ONBOOT="yes"

停止Gro并重启network服务

ethtool -K eth0 gro off && service network restart

创建ml2_conf.ini重定向并启动服务与设置开机自启动

ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

cp /usr/lib/systemd/system/neutron-openvswitch-agent.service \

  /usr/lib/systemd/system/neutron-openvswitch-agent.service.orig

sed -i 's,plugins/openvswitch/ovs_neutron_plugin.ini,plugin.ini,g' \

  /usr/lib/systemd/system/neutron-openvswitch-agent.service

systemctl enable neutron-openvswitch-agent.service neutron-l3-agent.service \

  neutron-dhcp-agent.service neutron-metadata-agent.service \

  neutron-ovs-cleanup.service

systemctl restart neutron-openvswitch-agent.service neutron-l3-agent.service \

  neutron-dhcp-agent.service neutron-metadata-agent.service \

neutron-ovs-cleanup.service

验证

source admin-openrc.sh

neutron agent-list

配置计算机节点网络

编辑/etc/sysctl.conf

vim /etc/sysctl.conf net.ipv4.conf.all.rp_filter=0 net.ipv4.conf.default.rp_filter=0 sysctl -p

安装网络组件

yum install -y openstack-neutron-ml2 openstack-neutron-openvswitch

编辑/etc/neutron/neutron.conf

mv  /etc/neutron/neutron.conf  /etc/neutron/neutron.conf_bak

vim  /etc/neutron/neutron.conf

[DEFAULT]

rpc_backend = rabbit

rabbit_host = controller

rabbit_password = Abcd1234

auth_strategy = keystone

core_plugin = ml2

service_plugins = router

allow_overlapping_ips = True

verbose = True

[keystone_authtoken]

auth_uri = http://controller:5000/v2.0

identity_uri = http://controller:35357

admin_tenant_name = service

admin_user = neutron

admin_password = Abcd1234

编辑/etc/neutron/plugins/ml2/ml2_conf.ini

mv /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini_bak

vim /etc/neutron/plugins/ml2/ml2_conf.ini

[ml2]

type_drivers = flat,gre

tenant_network_types = gre

mechanism_drivers = openvswitch

[ml2_type_gre]

tunnel_id_ranges = :

[securitygroup]

enable_security_group = True

enable_ipset = True

firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

[ovs]

local_ip = 192.168.116.10

enable_tunneling = True

[agent]

tunnel_types = gre

启动OVS服务并将其配置为开机自启动

systemctl enable openvswitch.service

systemctl restart openvswitch.service

编辑/etc/nova/nova.conf

vim /etc/nova/nova.conf

[DEFAULT]

network_api_class = nova.network.neutronv2.api.API

security_group_api = neutron

linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver

firewall_driver = nova.virt.firewall.NoopFirewallDriver

[neutron]

url = http://controller:9696

auth_strategy = keystone

admin_auth_url = http://controller:35357/v2.0

admin_tenant_name = service

admin_username = neutron

admin_password = Abcd1234

完成安装

ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

cp /usr/lib/systemd/system/neutron-openvswitch-agent.service \

  /usr/lib/systemd/system/neutron-openvswitch-agent.service.orig

sed -i 's,plugins/openvswitch/ovs_neutron_plugin.ini,plugin.ini,g' \

  /usr/lib/systemd/system/neutron-openvswitch-agent.service

systemctl restart openstack-nova-compute.service

systemctl enable neutron-openvswitch-agent.service

systemctl restart neutron-openvswitch-agent.service

验证

source admin-openrc.sh

neutron agent-list

创建外部网络

source admin-openrc.sh

neutron net-create ext-net --router:external True \

  --provider:physical_network external --provider:network_type flat

neutron subnet-create ext-net --name ext-subnet \

  --allocation-pool start=192.168.116.240,end=192.168.116.250 \

  --disable-dhcp --gateway 192.168.116.1 192.168.116.0/

创建租户网

source demo-openrc.sh

neutron net-create lan-net

neutron subnet-create lan-net --name lan-subnet \

  --gateway 192.168.101.1 192.168.101.0/

neutron router-create lan-router

neutron router-interface-add lan-router lan-subnet

neutron router-gateway-set lan-router ext-net

创建路由器以便租户网可以连接外部

验证

ping 192.168.116.150

做了上面的ovs就不要做下面的传统网络

配置控制器节点

配置传统网络

编辑/etc/nova/nova.conf
重启服务

vim /etc/nova/nova.conf

[DEFAULT]

network_api_class = nova.network.api.API

security_group_api = nova

systemctl restart openstack-nova-api.service openstack-nova-scheduler.service \

openstack-nova-conductor.service

配置计算机节点

安装网络组件

yum install -y openstack-nova-network openstack-nova-api

编辑 /etc/nova/nova.conf

vim /etc/nova/nova.conf

[DEFAULT]

network_api_class = nova.network.api.API

security_group_api = nova

firewall_driver = nova.virt.libvirt.firewall.IptablesFirewallDriver

network_manager = nova.network.manager.FlatDHCPManager

network_size =

allow_same_net_traffic = False

multi_host = True

send_arp_for_ha = True

share_dhcp_address = True

force_dhcp_release = True

flat_network_bridge = eth0

flat_interface = eth0

public_interface = eth0

启动服务并配置为开机自启动

systemctl enable openstack-nova-network.service openstack-nova-metadata-api.service

systemctl restart openstack-nova-network.service openstack-nova-metadata-api.service

创建初始网络(192.168.116.25/29根据当前外网计算得出的这里的外网是指云主机获取到的ip可直接访问外网,生产环境中可将这里配置为从运营商那里获取到的ip段)

source admin-openrc.sh

nova network-create demo-net --bridge eth0 --multi-host T \

  --fixed-range-v4 192.168.116.25/

验证

nova net-list

 

8.OpenStack网络组件的更多相关文章

  1. OpenStack云计算(一)——OpenStack 网络

    关于OpenStack OpenStack它是 Rackspace Cloud 和 NASA 负责的一个开源基础架构即服务的云计算项目. OpenStack 是一个由开发者和云计算技术人员的全球协作开 ...

  2. 深入理解openstack网络架构(3)-----路由

    原文地址: https://blogs.oracle.com/ronen/entry/diving_into_openstack_network_architecture2 译文转自:http://b ...

  3. 深入理解openstack网络架构(2)----Basic Use Cases

    原文地址: https://blogs.oracle.com/ronen/entry/diving_into_openstack_network_architecture1 译文转自: http:// ...

  4. 深入理解openstack网络架构(1)

    原文地址: https://blogs.oracle.com/ronen/entry/diving_into_openstack_network_architecture 译文转载自:http://b ...

  5. OpenStack网络的前世今生

    声明: 本文转自OpenStack中国社区,原文链接:http://www.openstack.cn/p353.html,作者Joshua,转载请注明. 在OpenStack世界中,网络组件最初叫no ...

  6. openstack 网络架构 nova-network + neutron

    openstack网络架构(nova-network/neutron) openstack网络体系中,网络技术没有创新,但用到的技术点很庞杂,包含bridge.vlan.gre.vxlan.ovs.o ...

  7. openstack 网络简史

    openstack 网络简史 研究openstack有2个月的时间,这段时间从网上获取N多宝贵资料,对我的学习有非常大帮助,在加上我自己的研究,最终对openstack整个网络体系有了个浅显的认识,写 ...

  8. OpenStack—neutron组件介绍与安装

    neutron介绍 Neutron 概述:传统的网络管理方式很大程度上依赖于管理员手工配置和维护各种网络硬件设备:而云环境下的网络已经变得非常复杂,特别是在多租户场景里,用户随时都可能需要创建.修改和 ...

  9. OpenStack—nova组件计算服务

    nova介绍: Nova 是 OpenStack 最核心的服务,负责维护和管理云环境的计算资源.OpenStack 作为 IaaS 的云操作系统,虚拟机生命周期管理也就是通过 Nova 来实现的. 用 ...

随机推荐

  1. zeppelin之连接mysql

    上面的一篇文章,对于zeppelin的使用,只是我们对于数据存储在文件中,每一次对于当我们连接数据库的时候都会有问题,今天刚好 把这个问题解决今天我们刚好来介绍如何使用zeppelin来与数据进行连接 ...

  2. Spring.net Ioc 依赖注入

    控制反转 (Inversion of Control,英文缩写为IoC)是一个重要的面向对象编程的法则来削减计算机程序的耦合问题,也是轻量级的Spring框架的核心. 控制反转一般分为两种类型,依赖注 ...

  3. 3 网格 landing page

    0.大框架 <!DOCTYPE html> <html> <head> <meta charset="utf-8"> <tit ...

  4. P1862 输油管道问题

    P1862 输油管道问题 题目背景 听说最近石油危机 所以想到了这题 题目描述 某石油公司计划建造一条由东向西的主要输油管道.该管道要穿过一个有n口油井的油田.从每口油井都要有一条输油管道沿最短路径( ...

  5. 用(bootstrap)Handsontable做表格,手动实现数据排序

    商品graph帐票时,用(bootstrap)Handsontable做表格,手动实现数据排序待解决的问题: 若使用控件本身的排序,必须指定colHead,colHead不能被copy,若想表头被co ...

  6. CentOS 单用户模式:修改Root密码和grub加密[转]

    原文出处: http://zhengdl126.iteye.com/blog/430268 Linux 系统处于正常状态时,服务器主机开机(或重新启动)后,能够由系统引导器程序自动引导 Linux 系 ...

  7. 如何高性能的给 UIImageView 加个圆角?

    不好的解决方案 使用下面的方式会强制Core Animation提前渲染屏幕的离屏绘制, 而离屏绘制就会给性能带来负面影响,会有卡顿的现象出现 self.view.layer.cornerRadius ...

  8. 玩转Linux之pwd命令

    玩转Linux之pwd命令 你有没有遇到过需要知道当前所在目录却无从得知?有没有想要复制出当前所在目录层次却不知如何下手?俗话说有困难找警察,想知道目录层次自然要找pwd了.那么问题来了: 什么是pw ...

  9. 自动化测试(三)如何用python写个一函数,这个函数的功能是,传入一个数字,产生N条手机号,产生的手机号不能重复

    本期时间短没来得及写思路,不过我都加了注释,有问题可以@我 import randomimport timedef Phones(number):#生成手机号函数 s = "01234567 ...

  10. python-isinstance,issubclass

    1 #当存在继承关系时,两个类中存在相同的方法,如何执行父类的方法,通过super 2 class C1: 3 def f1(self): 4 print('c1.f1') 5 6 7 class C ...